Tech Takedown

How the NSA Became a Killing Machine

In an excerpt from his new book, @War, Daily Beast reporter Shane Harris shows how the NSA went partners with the military in Iraq and changed warfare forever.

11.09.14 11:45 AM ET

Bob Stasio never planned to become a cyber warrior. After he graduated high school, Stasio enrolled at the University at Buffalo and entered the ROTC program. He majored in mathematical physics, studying mind-bending theories of quantum mechanics and partial differential equations. The university, eager to graduate students steeped in the hard sciences, waived the major components of his core curriculum requirements, including English. Stasio never wrote a paper in his entire college career.

Stasio arrived at Fort Lewis, Washington, in 2004, when he was 22 years old. His new brigade intelligence officer took one look at the second lieutenant’s résumé, saw the background in math and physics, and told Stasio, “You’re going to the SIGINT platoon.”

SIGINT, or signals intelligence, is the capture and analysis of electronic communications. Like all branches of intelligence, it’s a blend of science and art, but it’s heavy on the science. The brigade intelligence officer had worked at the National Security Agency and recognized that Stasio’s physics training would come in handy, because so much of SIGINT involves the technical collection of radio signals, fiber-optic transmissions, and Internet packets.

Stasio was assigned to a Stryker brigade, a mechanized force designed to be light on its feet, capable of deploying into combat in just a few days. It was Stasio’s job to locate the enemy on the battlefield by tracking his communications signals. And he was also supposed to divine his adversary’s intentions by eavesdropping on the orders a commander gave to troops, or listening for the air strike that a platoon leader was calling in from behind the lines. Stasio would join the Fourth Brigade, Second Infantry Division, “the Raiders,” and deploy to Iraq. He’d be working with a team of linguists, who would be essential, since Stasio didn’t speak Arabic.

Stasio arrived in Iraq in April 2007 as part of a new “surge” of American troops. He might have wondered if they arrived too late. Stasio and his team found U.S. forces under relentless assault from insurgents, roadside bombers, and mortar attacks. Iraq was collapsing amid an escalating civil war. Foreign fighters were pouring into the country from neighboring Syria and Iran, and a ruthless terrorist network, known as al Qaeda in Iraq (which would later evolve into ISIS), ran a brutal campaign of attacks against U.S. and coalition forces, the Iraqi government, and Iraqi Shiites. The terror group aimed to break the back of the fledgling government with a theocratic dictatorship.

But Stasio had a weapon that the insurgents didn’t: the servers full of electronic communications and signals collected by the NSA’s listening posts. Prior to his deployment, Stasio spent his time studying insurgencies and how they were structured like a network, not along the vertical hierarchies of a traditional military. Stasio thought that if he could tap into SIGINT from Iraq, which included phone calls, e-mails, and text messages sent by the insurgents, he might be able to understand something about the size and shape of their networks by piecing together their communications records. Stasio was a fan of the HBO series The Wire, and he was particularly fond of one character, Lester, who uncovers a network of drug dealers in Baltimore by tracking their cell phone calls. Stasio wanted to do the same thing in Iraq.

***

What Stasio didn’t know—and couldn’t have known, because his security clearances didn’t extend that far—was that his ideas about intelligence-supported warfare had been adopted by the highest levels of the U.S. government. In a meeting of senior national security officials with President George W. Bush in the spring of 2007, the commander-in-chief authorized the NSA to begin hacking into the phone and computer networks of Iraqi insurgents.

The Iraqi cell phone network was a potential intelligence gold mine. Cell phone contracts were among the first business deals struck in Iraq after Saddam Hussein was driven from power. Wireless was cheaper than wired communications, and cell phones were proliferating. The NSA had access to foreign telecommunications networks through agreements struck with the United States—based carriers that operated them. These companies were paid handsomely—each receiving tens of millions of dollars annually, according to one former company executive—to give the spy agencies privileged access to their networks and the data coursing through them.

Stasio was just one member of a vast hacking enterprise, the vanguard of a new cyber war. After Bush gave his order, daily strikes in Iraq were being carried about by a hybrid military and intelligence unit that brought together soldiers and spies. Their center of operations was a concrete hangar at the Balad Air Base, north of Baghdad, which had once housed Iraqi fighter jets. Most of the planes here now were unmanned drones. Their pilots worked alongside NSA hackers, FBI cyber forensics investigators, and special operations forces—the military’s elite commando squads. They all broke off into clusters, working with a seamless, almost organic precision. The hackers stole information from the enemy’s electronic devices and passed it to the analysts, who drew up target lists for the troops. As they went off on raids, the drone pilots watched overhead, giving eye-in-the-sky warning to the troops on the ground, thanks to sophisticated cameras and other sensors developed by the CIA. Sometimes the drone pilots themselves made the kill with a missile shot.

When an attack was finished, the troops gathered more intelligence from the site or from the fighters they captured—cell phones, laptop computers, thumb drives, address books, scraps of paper called “pocket litter” that might contain nothing more than a name, a phone number, or a physical or e-mail address. The troops brought the information back to the base and gave it to the analysts, who fed it into their databases and used data-mining software to look for connections to other fighters either in custody or at large. They paid close attention to how the fighters were getting money for their operations, including sources outside Iraq—in Syria, Iran, and Saudi Arabia.

Every day the unit netted between ten and twenty fighters. Whole terrorist networks were illuminated in this way, by U.S. forces who were starting to think and act like their enemy. They structured themselves not in vertical hierarchies but in networks, each member responding to conditions on the ground. They were making it up as they went along, and creating a new kind of warfare.

The NSA had already built the infrastructure to tap into communications networks. After the 9/11 attacks, the agency set up new listening posts and collection points to monitor cyberspace for terrorist phone calls, e-mails, and other digital communications. Many of these new access points were inside the offices and switching stations of the United States’ major telecom network carriers. Analysts tracking a particular insurgent’s cell phone could see when it was logged on to the network. The analysts relayed that information to troops on the ground, who intercepted the wireless signal. (Aircraft and satellites were also used to grab the signal if ground forces weren’t close by.) All that data was quickly collated to locate the target, down to the exact street, building, and even apartment from which he was calling or texting.

***

There was another pillar to the new intelligence strategy. In addition to collecting all electronic communications in Iraq, and using it to pinpoint the location of fighters and financiers, the NSA began to manipulate the methods of communications themselves—the insurgents’ phones and computers.

Get The Beast In Your Inbox!
By clicking "Subscribe," you agree to have read the Terms of Use and Privacy Policy
Thank You!
You are now subscribed to the Daily Digest and Cheat Sheet. We will not share your email with anyone for any reason

The U.S. hackers sent fake text messages to insurgent fighters and roadside bombers. The messages would tell the recipient, in effect, “Meet at this street corner to plan the next attack,” or “Go to this point on a road and plant your device.” When the fighter got there, he’d be greeted by U.S. troops, or perhaps the business end of a Hellfire missile fired from a drone aircraft thousands of feet above.

The hackers and analysts at the NSA, working with forces on the ground in Iraq, infiltrated al Qaeda’s network of websites and servers, which the Americans called Obelisk. This was effectively al Qaeda’s corporate intranet. The terrorists published propaganda videos to Obelisk, as well as marching orders and plans for waging holy war. They even posted mundane administrative materials, including expense accounts and personnel memos. Obelisk was the insurgency’s command-and-control system. And once inside, NSA hackers implanted malicious software in jihadi forums, tricking readers into clicking on links that installed spyware on their computers. Obelisk gave the spies access to al Qaeda’s secrets, and the means to infiltrate its ranks.

Working on his own piece of the intelligence puzzle, Stasio racked up impressive victories. He and his team used signals intelligence to locate insurgent cells, taking them off the battlefield, and eventually moved on to tracking entire networks of people. They found the man responsible for building many of the suicide vests that terrorists used, tracking him down to his workshop. When the troops kicked open the door, they found a woman being fitted with her lethal garment. The bomb maker and the would-be bomber were arrested.

The team uncovered a cache of several thousand explosively formed projectiles (EFPs), the largest they’d ever seen in Iraq. EFPs were designed to be fired at a distance and to penetrate the armored vehicles—the ones that soldiers drove to protect them from traditional roadside bombs. The EFPs were hidden in a compartment under an unassuming-looking house. Stasio and his analysts discovered that a foreign national was training people in Iraq to make the deadly projectiles. He too was arrested.

Stasio was just a young officer. But in his new role as an analyst, he had to understand where the bombs were, who was making them, and who was financing the production. Every time his boss went into a meeting with a sheikh or local leader, Stasio had to brief him on the political backstory, the complexities of the interlocking and sometimes interchangeable alliances that U.S. sources hoped to exploit in their effort to win more “hearts and minds” among Iraqis.

Never in war, as far as he knew, had such a low-ranking officer been required to know so much tactical and strategic information, to understand not just the battlefield on which he fought but the geopolitical realities of the war. Usually that kind of analysis was done by a guy with stars on his shoulders.

His fellow officers kidded him: “Bob, did you brief the president today?”

He took it as a compliment.

***

As the operations picked up pace and began to pay dividends, the NSA called in its most skilled cyber warriors. They worked in a unit called Tailored Access Operations, or TAO. As their name implies, they devised bespoke tools and techniques for breaking into computers. The stealthiest of all U.S. hackers, they were also the rarest—only a few hundred worked for TAO, and many of them had undergone years of NSA-devised training, sometimes through colleges and universities where the spy agency had helped write the curriculum.

In one successful operation, the TAO hackers set their sights on the Islamic State of Iraq, an insurgent group that had formed in 2004, pledged allegiance to al Qaeda, and then fallen under its banner. The group fought U.S. soldiers, but it also terrorized and murdered civilians. In 2007 alone this al Qaeda branch killed 2,000 Iraqis and seized control of the Dora neighborhood in southern Baghdad, where it tried to install Islamic law and set up a new “emirate” to govern the people. Local Christians who had lived in Dora for decades fled their homes rather than live under such harsh religious rule. A member of the new emirate knocked on the door of one Christian man and told him that if he wanted to stay, he could pay a tax or convert to Islam. Otherwise, he must abandon his house; the al Qaeda members offered to help remove his furniture.

TAO hackers zeroed in on the leaders of the al Qaeda group. Centering their operations in Baghdad, they scooped up e-mail messages that the terrorists had left in draft form in their personal accounts, where they could be picked up by fellow fighters without having to be sent over the Internet. This was a common trick terrorists used to avoid detection. TAO had been on to it for years.

For TAO, hacking into the communications network of the senior al Qaeda leaders in Iraq helped break the terrorist group’s hold on the neighborhoods around Baghdad. By one account, it aided U.S. troops in capturing or killing at least ten of those senior leaders from the battlefield. When one major operation, dubbed Arrowhead Ripper, concluded in mid-August, most insurgent activity in the area had ceased. By November, al Qaeda had left the Dora neighborhood.

The intelligence machine continued to win victories. There were 28 bombings and other attacks by al Qaeda in Iraq reported in the first six months of 2008, down from 300 such attacks in the previous year. And the number of civilian casualties attributed to the terror group plummeted, from 1,500 in 2007 to 125 in the first half of 2008. A former military intelligence officer likened the cyber assault on the top echelons of al Qaeda to “cutting the head off a snake.”

“We took operations to get inside the communications systems and the command-and-control structure that allowed terrorists and insurgents to coordinate attacks against U.S. forces,” he said. “That’s the key to any successful operation.”

For the first time in the now four-year-old Iraq War, the United States could point to a strategy that was actually working. The overall success of the surge, which finally allowed U.S. forces to leave Iraq, has been attributed to three major factors by historians and the commanders and soldiers who served there. First, the additional troops on the ground helped to secure the most violent neighborhoods, kill or capture insurgents, and protect Iraq’s civilians. The cities became less violent, and the people felt safer and more inclined to help the U.S. occupation. Second, insurgent groups who were outraged by al Qaeda’s brutal, heavyhanded tactics and the imposition of religious law turned against the terrorists, or were paid by U.S. forces to switch their allegiances and fight with the Americans. This so-called Sunni Awakening included 80,000 fighters, whose leaders publicly denounced al Qaeda and credited the U.S. military with trying to improve the lives of Iraqi citizens.

But the third and arguably the most pivotal element of the surge was the series of intelligence operations undertaken by the NSA and soldiers such as Stasio. Former intelligence analysts, military officers, and senior Bush administration officials say that the cyber operations opened the door to a new way of obtaining intelligence, and then integrating it into combat operations on the ground. The information about enemy movements and plans that U.S. spies swiped from computers and phones gave troops a road map to find the fighters, sometimes leading right to their doorsteps. This was the most sophisticated global tracking system ever devised, and it worked with lethal efficiency.

Gen. David Petraeus, the commander of all coalition forces in Iraq, credited this new cyber warfare “with being a prime reason for the significant progress made by U.S. troops” in the surge, which lasted into the summer of 2008, “directly enabling the removal of almost 4,000 insurgents from the battlefield.” The tide of the war in Iraq finally turned in the United States’ favor. The intelligence operations, which were later exported to Afghanistan, “saved U.S. and allied lives by helping to identify and neutralize extremist threats across the breadth of both battlefields.” Later the NSA integrated the techniques it had developed on the battlefield into its other intelligence operations used to track terrorists, spies, and hackers around the world. That alliance between the spy agency and the military, forged in Iraq, would forever change the way America fights wars.

From @War: The Rise of the Military-Internet Complex by Shane Harris. Copyright © 2014 by Shane Harris. Published by Houghton Mifflin Harcourt. Reprinted by permission.